RC4信息泄露漏洞原理

一、简介
2015年3月26日，国外数据安全公司Imperva的研究员Itsik Mantin在BLACK HAT ASIA 2015发表论文《Attacking SSL when using RC4》阐述了
利用存在了13年之久的RC4漏洞——不变性弱密钥（《Weakness in the Key Scheduling Algorithm of RC4》,FMS 发表于2001年）进行的攻击，并
命名为“受戒礼”攻击（Bar Mitzvah Attack）。
直到2015年3月，还有约30%的网络通信是由RC4进行保护的。通过“受戒礼”攻击，攻击者可以在特定环境下只通过嗅探监听就可以还原采用RC4保护
的加密信息中的纯文本，导致账户、密码、信用卡信息等重要敏感信息暴露，并且可以通过中间人（Man-in-the-middle）进行会话劫持。

二、扫描验证

系统环境:centos、redhat

1、安装openssl

yum -y install openssl

2、命令扫描

#验证RC4算法

[root@web ~]# openssl s_client -connect www.taobao.com:443 -cipher RC4

CONNECTED(00000003)

140545796552520:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:744:

---

no peer certificate available #返回结果无证书信息，说明服务端口没有使用RC4加密算法

---

No client certificate CA names sent

---

SSL handshake has read 7 bytes and written 133 bytes

---

New, (NONE), Cipher is (NONE)

Secure Renegotiation IS NOT supported

Compression: NONE

Expansion: NONE

---

#验证SHA加密算法

[root@web ~]# openssl s_client -connect www.taobao.com:443 -cipher SHA

CONNECTED(00000003)

depth=2 C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA

verify return:1

depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign Organization Validation CA - SHA256 - G2

verify return:1

depth=0 C = CN, ST = ZheJiang, L = HangZhou, O = "Alibaba (China) Technology Co., Ltd.", CN = *.tmall.com

verify return:1

---

Certificate chain #返回了正式信息，说明支持SHA算法

0 s:/C=CN/ST=ZheJiang/L=HangZhou/O=Alibaba (China) Technology Co., Ltd./CN=*.tmall.com

i:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - SHA256 - G2

1 s:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - SHA256 - G2

i:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA

---

Server certificate

-----BEGIN CERTIFICATE-----

MIIJHTCCCAWgAwIBAgIMbVVxYu+0omQQP3O4MA0GCSqGSIb3DQEBCwUAMGYxCzAJ

BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNH

bG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g

RzIwHhcNMjAwOTI3MDYzMjAyWhcNMjExMDI5MDYyNjAzWjB4MQswCQYDVQQGEwJD

TjERMA8GA1UECBMIWmhlSmlhbmcxETAPBgNVBAcTCEhhbmdaaG91MS0wKwYDVQQK

EyRBbGliYWJhIChDaGluYSkgVGVjaG5vbG9neSBDby4sIEx0ZC4xFDASBgNVBAMM

CyoudG1hbGwuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE47F4GZz0WqTM

BlUlMRsav9Q236UNl6gyUX5A834ygyAqYBnKgn+Ch6NceVuw82n9OPZJGbKXekex

LvdgOM5N9aOCBoIwggZ+MA4GA1UdDwEB/wQEAwIDiDCBoAYIKwYBBQUHAQEEgZMw

gZAwTQYIKwYBBQUHMAKGQWh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2Fj

ZXJ0L2dzb3JnYW5pemF0aW9udmFsc2hhMmcycjEuY3J0MD8GCCsGAQUFBzABhjNo

dHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nvcmdhbml6YXRpb252YWxzaGEy

ZzIwVgYDVR0gBE8wTTBBBgkrBgEEAaAyARQwNDAyBggrBgEFBQcCARYmaHR0cHM6

Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQICMAkGA1Ud

EwQCMAAwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5nbG9iYWxzaWduLmNv

bS9ncy9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMi5jcmwwggOyBgNVHREEggOpMIID

pYILKi50bWFsbC5jb22CCiouMTY4OC5jb22CDiouM2MudG1hbGwuY29tgg0qLmFs

aWJhYmEuY29tghAqLmFsaWV4cHJlc3MuY29tghIqLmFsaXFpbi50bWFsbC5jb22C

DSouYWxpdHJpcC5jb22CDCouYWxpeXVuLmNvbYINKi5jYWluaWFvLmNvbYIQKi5j

YWluaWFvLmNvbS5jboIQKi5jaGkudGFvYmFvLmNvbYIPKi5jaGkudG1hbGwuY29t

ghIqLmNoaW5hLnRhb2Jhby5jb22CDiouZGluZ3RhbGsuY29tggoqLmV0YW8uY29t

ggsqLmZlaXpodS5jboIMKi5mZWl6aHUuY29tggwqLmZsaWdneS5jb22CCyouZmxp

Z2d5LmhrghAqLmZvb2QudG1hbGwuY29tghAqLmppYS50YW9iYW8uY29tgg8qLmpp

YS50bWFsbC5jb22CDyouanUudGFvYmFvLmNvbYIPKi5qdWh1YXN1YW4uY29tgg8q

Lmx3LmFsaWltZy5jb22CDCoubS4xNjg4LmNvbYIPKi5tLmFsaWJhYmEuY29tgg8q

Lm0uYWxpdHJpcC5jb22CDyoubS5jYWluaWFvLmNvbYIMKi5tLmV0YW8uY29tgg4q

Lm0udGFvYmFvLmNvbYITKi5tLnRhb3BpYW9waWFvLmNvbYINKi5tLnRtYWxsLmNv

bYIMKi5tLnRtYWxsLmhrghEqLm0ueWFvLjk1MDk1LmNvbYIJKi5tZWkuY29tggwq

LnRhb2Jhby5jb22CESoudGFvcGlhb3BpYW8uY29tggoqLnRtYWxsLmhrghEqLnRy

aXAudGFvYmFvLmNvbYILKi54aWFtaS5jb22CDyoueWFvLjk1MDk1LmNvbYIIMTY4

OC5jb22CC2FsaWJhYmEuY29tgg5hbGlleHByZXNzLmNvbYILYWxpdHJpcC5jb22C

CmFsaXl1bi5jb22CC2NhaW5pYW8uY29tgg5jYWluaWFvLmNvbS5jboIMZGluZ3Rh

bGsuY29tgghldGFvLmNvbYIJZmVpemh1LmNuggpmZWl6aHUuY29tggpmbGlnZ3ku

Y29tgglmbGlnZ3kuaGuCDWp1aHVhc3Vhbi5jb22CEW0uaW50bC50YW9iYW8uY29t

ggdtZWkuY29tggp0YW9iYW8uY29tgg90YW9waWFvcGlhby5jb22CCHRtYWxsLmhr

ggl4aWFtaS5jb22CCXRtYWxsLmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB

BQUHAwIwHwYDVR0jBBgwFoAUlt5h8b0cFilTHMDMfTuDAEDmGnwwHQYDVR0OBBYE

FID1VDod2aq8+TL8VssbHyqXc1AzMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA

7sCV7o1yZA+S48O5G8cSo2lqCXtLahoUOOZHssvtxfkAAAF0zkLqSQAABAMARzBF

AiB/nK13u8kYP6+iRqwRSMqn78zDc0AibXVMDA2s3EyAYgIhALPy7DzDfn8inJip

WN5SDhVgNruLZ7sMzBepydpGwTBlAHYA9lyUL9F3MCIUVBgIMJRWjuNNExkzv98M

LyALzE7xZOMAAAF0zkLqJwAABAMARzBFAiEA1TUuzf71N/6841oRag7EszN5+sWA

CPl5cVZGXwiUMPkCIHqBqmLThrrTFhlVE+/Z3CbvIH5e68oy4c+YWAf0CNdgMA0G

CSqGSIb3DQEBCwUAA4IBAQCIitPKdkKuzg5Piz4FEVeqr2C/Lhp+yd5QLMDGX4NV

hovLlCAqOW/HxBwyy8DJn/8sgKY2+eOO7b/z+40cIEJKlkZtONDKz1uFZZpuc6K7

caNn87PNxC0l8AfTtfi+e+OIyVrp6xygKIzsNRJTMvJXbXMXKQXR4k8erkyaRpDc

G+oUNt+6xBS+01kXPQvH5V5KUZt5YIhPl7pd36cYkvWVhNAPTzIhUBqMYRfFfc7r

rc6xUkdAP77JwDGHAs3kPSJKbin68D4wja+5fPW8PC+vscPHwSJVHjsj6uVR4Wv4

OsSaPP+C9HsAvWP284Zi7xbb0PckT+i7slGJJ4nHaGpG

-----END CERTIFICATE-----

subject=/C=CN/ST=ZheJiang/L=HangZhou/O=Alibaba (China) Technology Co., Ltd./CN=*.tmall.com

issuer=/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - SHA256 - G2

---

No client certificate CA names sent

Server Temp Key: ECDH, prime256v1, 256 bits

---

SSL handshake has read 3966 bytes and written 371 bytes

---

New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA

Server public key is 256 bit

Secure Renegotiation IS supported

Compression: NONE

Expansion: NONE

SSL-Session:

Protocol : TLSv1.2

Cipher : ECDHE-ECDSA-AES128-SHA

Session-ID: F1D73BD2560E0FB7664E7769BBECC44FF0E1DF34579EB26403337160A2394D08

Session-ID-ctx:

Master-Key: DA311100EAE33A47544F743C2646B0D13D56D1B83DC5CCFE6A348E695FCA48130DC076978F841E35C66B943E0A7737B0

Key-Arg : None

Krb5 Principal: None

PSK identity: None

PSK identity hint: None

TLS session ticket lifetime hint: 900 (seconds)

TLS session ticket:

0000 - c7 f3 15 16 ca 6f 94 ed-9e 9e 8e b7 f6 f1 53 b1 .....o........S.

0010 - 8b fa a1 4d d0 8d c2 03-c7 97 81 b8 17 9a 73 bb ...M..........s.

0020 - c7 9c db 22 95 be 80 51-ca 8e ee e7 b2 26 62 ae ..."...Q.....&b.

0030 - 65 ed be f7 1e 73 91 a1-90 20 f4 f2 82 3b ec e7 e....s... ...;..

0040 - 62 81 8b 59 d6 b1 1c 9e-66 ab 93 d6 04 3b 3f 95 b..Y....f....;?.

0050 - e6 f2 9c 5a b2 fe 7a 1a-14 67 ad 66 8f 90 1f 79 ...Z..z..g.f...y

0060 - 4e 75 7a ca 6a fd 8c 22-bf d9 94 c6 8c 6c d1 4d Nuz.j..".....l.M

0070 - 1f 66 3d 5f 32 da 65 3d-68 5c cd dd 9e 0b c1 ee .f=_2.e=h\......

0080 - 81 06 a1 bd 20 52 c7 09-17 b5 c8 f8 79 cc ee da .... R......y...

0090 - 9e fb 4c 28 f5 92 39 a9-76 9f 12 05 8b e3 09 09 ..L(..9.v.......

Start Time: 1603893802

Timeout : 300 (sec)

Verify return code: 0 (ok)

---

closed

三、解决方案

1、根据各应用服务的官方解决方案关闭RC4算法

在这里插入图片描述
2、利用网络隔离或防火墙做访问源限制

安全漏洞虽然可能会造成信息泄露、数据破坏等损失，但是修复安全的本身也是一种人力、财力的损耗。RC4算法信息
泄露本质是对服务端口传输加密算法的破解，但是其完全破解信息内容也是需要时间和成本的，可能在其破解前其信息已经失去了利用价值。
因此，对于一些内部使用的非机密、非敏感数据的服务，可以通过防护墙源地址限制、VLAN隔离等方式处理。这样既能有效降低甚至阻断外
部攻击，又能正常使用应用服务。
计算机病毒和漏洞，就像人体所面对的疾病与免疫衰退，需要定期体检来评估自己的身体状况，但也不片面追求各项数据指标，否则可能一
个指标正常了，另一个指标却异常了，要在安全与经济上达到一种平衡。

结束语: 互联网高速发展的今天，安全问题层出不穷，面对安全问题，我们要客观理性的分析评估，首先要分析漏洞危害的大小、影响范围、利用
难度，其次要根据企业或个人信息数据的实际情况来评估安全风险(安全组织定级的高危未必就有高风险，低危未必危害就小），最后就是按重点
和优先级来处理安全问题。

(责任编辑：liangzh)

搜索

热门标签:

RC4信息泄露漏洞原理